Should I block it?

No, this file is 100% safe to run.

Additional versions

5.6.0.5210	2.50%
4.7.0.5133	2.50%
4.2.2.5081	22.50%
4.2.0.5075	7.50%
4.0.0.5025	40.00%
3.9.9.5004	12.50%
3.9.4.4945	12.50%

Relationships

Parent process

explorer.exe (Windows Explorer by Microsoft Corporation)

Related files

PE file structure

Show functions

Import table

advapi32.dll

RegQueryValueExA, RegOpenKeyExA, RegCloseKey, RegSetValueA, RegFlushKey, RegEnumValueA, RegEnumKeyExA, RegDeleteKeyA, ReadEventLogA, OpenProcessToken, OpenEventLogA, NotifyChangeEventLog, LookupPrivilegeValueA, LookupPrivilegeNameA, LookupAccountSidA, GetTokenInformation, GetOldestEventLogRecord, GetNumberOfEventLogRecords, CloseEventLog, AdjustTokenPrivileges

comctl32.dll

_TrackMouseEvent, ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_GetIcon, ImageList_Remove, ImageList_DrawEx, ImageList_Replace, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_ReplaceIcon, ImageList_Add, ImageList_SetImageCount, ImageList_GetImageCount, ImageList_Destroy, ImageList_Create, InitCommonControls

comdlg32.dll

ChooseFontA, FindTextA, ChooseColorA, GetSaveFileNameA, GetOpenFileNameA

gdi32.dll

UnrealizeObject, StretchDIBits, StretchBlt, StartPage, StartDocA, SetWindowOrgEx, SetWinMetaFileBits, SetViewportOrgEx, SetTextColor, SetTextAlign, SetStretchBltMode, SetROP2, SetPixel, SetPaletteEntries, SetMapMode, SetEnhMetaFileBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SetAbortProc, SelectPalette, SelectObject, SelectClipRgn, SaveDC, RoundRect, RestoreDC, Rectangle, RectVisible, RealizePalette, Polyline, Polygon, PlayEnhMetaFile, PatBlt, OffsetRgn, MoveToEx, MaskBlt, LineTo, LPtoDP, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetViewportOrgEx, GetTextMetricsA, GetTextExtentPointA, GetTextExtentPoint32W, GetTextExtentPoint32A, GetTextColor, GetTextAlign, GetSystemPaletteEntries, GetStockObject, GetRgnBox, GetPixel, GetPaletteEntries, GetObjectA, GetNearestPaletteIndex, GetMapMode, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileDescriptionA, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetCurrentObject, GetClipBox, GetBrushOrgEx, GetBkColor, GetBitmapBits, GdiFlush, ExtTextOutW, ExtTextOutA, ExcludeClipRect, EndPage, EndDoc, Ellipse, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreateRectRgnIndirect, CreateRectRgn, CreatePenIndirect, CreatePen, CreatePatternBrush, CreatePalette, CreateICA, CreateHalftonePalette, CreateFontIndirectA, CreateEnhMetaFileA, CreateDIBitmap, CreateDIBSection, CreateDCA, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileA, CombineRgn, CloseEnhMetaFile, BitBlt, GetRandomRgn

gdiplus.dll

GdipMeasureString, GdipDrawString, GdipDeleteFont, GdipCreateFont, GdipGetGenericFontFamilySansSerif, GdipDeleteFontFamily, GdipCreateFontFamilyFromName, GdipSetClipRectI, GdipFillClosedCurve, GdipFillEllipseI, GdipFillPolygonI, GdipFillPolygon, GdipFillRectangleI, GdipFillRectangle, GdipGraphicsClear, GdipDrawCurve, GdipDrawPolygonI, GdipDrawRectangleI, GdipDrawLines, GdipDrawLineI, GdipDrawLine, GdipSetTextRenderingHint, GdipSetSmoothingMode, GdipDeleteGraphics, GdipCreateFromHDC, GdipSetPenWidth, GdipDeletePen, GdipCreatePen1, GdipGetPathGradientPointCount, GdipSetPathGradientSurroundColorsWithCount, GdipSetPathGradientCenterColor, GdipCreatePathGradientI, GdipCreateSolidFill, GdipDeleteBrush, GdipCloneBrush, GdiplusShutdown, GdiplusStartup, GdipFree, GdipAlloc

iphlpapi.dll

GetIfTable, GetIpAddrTable

kernel32.dll

GetACP, Sleep, VirtualFree, VirtualAlloc, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, ExitThread, CreateThread, CompareStringA, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle, TlsSetValue, TlsGetValue, LocalAlloc, lstrlenW, lstrcpyA, lstrcmpW, lstrcmpA, WritePrivateProfileStringW, WaitForSingleObject, WaitForMultipleObjects, VirtualProtect, SystemTimeToFileTime, SizeofResource, SetThreadLocale, SetLastError, SetFileTime, SetFileAttributesA, SetEvent, SetErrorMode, SearchPathW, SearchPathA, ResumeThread, ResetEvent, RemoveDirectoryA, ReadDirectoryChangesW, QueryPerformanceFrequency, QueryPerformanceCounter, QueryDosDeviceA, OutputDebugStringA, MulDiv, MoveFileW, MoveFileA, LockResource, LocalFileTimeToFileTime, LoadResource, LoadLibraryExW, LoadLibraryA, LeaveCriticalSection, IsValidLocale, InitializeCriticalSection, GlobalUnlock, GlobalSize, GlobalHandle, GlobalLock, GlobalFree, GlobalFindAtomA, GlobalDeleteAtom, GlobalAlloc, GlobalAddAtomA, GetVersionExA, GetVersion, GetUserDefaultLCID, GetTimeZoneInformation, GetTickCount, GetTempPathA, GetTempFileNameA, GetSystemInfo, GetShortPathNameW, GetShortPathNameA, GetProfileStringA, GetPrivateProfileStringW, GetModuleFileNameW, GetLocalTime, GetFullPathNameW, GetFullPathNameA, GetFileInformationByHandle, GetFileAttributesW, GetFileAttributesA, GetExitCodeThread, GetExitCodeProcess, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentProcessId, GetCurrentProcess, GetComputerNameA, GetCommandLineW, GetCPInfo, FreeResource, InterlockedExchange, FormatMessageW, FormatMessageA, FindResourceA, FindNextFileW, FindNextFileA, FindFirstFileW, FileTimeToLocalFileTime, FileTimeToDosDateTime, ExpandEnvironmentStringsW, ExpandEnvironmentStringsA, EnumCalendarInfoA, EnterCriticalSection, DosDateTimeToFileTime, DeleteFileW, DeleteFileA, DeleteCriticalSection, CreateFileW, CreateEventA, CreateDirectoryA, CompareStringW

ole32.dll

CreateStreamOnHGlobal, IsAccelerator, ReleaseStgMedium, OleDraw, OleSetMenuDescriptor, OleGetClipboard, OleSetClipboard, DoDragDrop, RevokeDragDrop, RegisterDragDrop, OleUninitialize, OleInitialize, CreateDataAdviseHolder, CoTaskMemFree, CoTaskMemAlloc, CLSIDFromProgID, ProgIDFromCLSID, StringFromCLSID, CoCreateInstance, CoSetProxyBlanket, CoInitializeSecurity, CoGetClassObject, CoUninitialize, CoInitializeEx, CoInitialize, IsEqualGUID, CLSIDFromString

oleacc.dll

LresultFromObject

oleaut32.dll

SysFreeString, SysReAllocStringLen, SysAllocStringLen, GetErrorInfo, GetActiveObject, VariantChangeType, VariantClear, VariantInit, SafeArrayPtrOfIndex, SafeArrayPutElement, SafeArrayGetElement, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantCopy

powrprof.dll

CallNtPowerInformation

shell32.dll

Shell_NotifyIconW, ShellExecuteExW, ShellExecuteExA, ShellExecuteW, ShellExecuteA, ExtractIconExW, DragQueryFileA, DragAcceptFiles, SHGetPathFromIDListA, SHGetDesktopFolder

shfolder.dll

SHGetFolderPathW

user32.dll

GetKeyboardType, DestroyWindow, LoadStringA, MessageBoxA, CharNextA, DllMain

version.dll

VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA

wininet.dll

InternetSetOptionA, InternetReadFile, InternetOpenA, InternetConnectA, InternetCloseHandle, HttpSendRequestA, HttpQueryInfoA, HttpOpenRequestA, HttpAddRequestHeadersA

winmm.dll

timeGetTime, timeEndPeriod, timeBeginPeriod

winspool.drv

OpenPrinterA, EnumPrintersA, DocumentPropertiesA, ClosePrinter

wsock32.dll

WSACleanup, WSAStartup, gethostname, gethostbyname, inet_ntoa

systemexplorer.exe

System Explorer by Miroslav Topolar (Signed)

Remove systemexplorer.exe

Version:	3.9.9.5004
MD5:	ff52f0f4bba964130dbe9c99b0643627
SHA1:	4c0bfd830a2d8e7a3527fa95e3000d41c7146df8
SHA256:	13e84676752204fa8159d956cfe478df15831fd2ef285ad29b39c1d242d35d62

Overview

systemexplorer.exe executes as a process with the local user's privileges usually within the context of Windows Explorer. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). This is typically installed with the program System Explorer 3.9.9 published by Mister Group. The file is digitally signed by Miroslav Topolar which was issued by the GlobalSign nv-sa certificate authority (CA).

Details

File name:	systemexplorer.exe
Publisher:	Mister Group
Product name:	System Explorer
Typical file path:	C:\Program Files\system explorer\systemexplorer.exe
File version:	3.9.9.5004
Product version:	3.9
Size:	2.63 MB (2,757,080 bytes)
Certificate
Issued to:	Miroslav Topolar
Authority (CA):	GlobalSign nv-sa
Effective date:	Friday, January 27, 2012
Expiration date:	Wednesday, April 24, 2013
Digital DNA
File packed:	No
.NET CLR:	No

More details

Programs

The following program will install this file

System Explorer

Mister Group

3% remove

“System Explorer is free , awards winning software for exploration and management of System Internals. This small software includes many usefull tools which help you Keep Your System Under Control . With System Explorer You get also fast access to File Database which help you to determine unwanted processes or threats . System Explorer is translated into 29 languages and is available for download in installer and portable version.”

Behaviors

Startup files (user) run

Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

'System Explorer' → C:\Program Files\System Explorer\SystemExplorer.exe
'SystemExplorerAutoStart' → "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY

Startup files (all users) run

Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

'SystemExplorerAutoStart' → "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY

Scheduled tasks

The task '{0F9438C3-7065-4371-BE60-04F15D936F5C}' runs on registration in the path '\{0F9438C3-7065-4371-BE60-04F15D936F5C}'
The job 'SysExpl' runs in the path '\SysExpl'

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

CPU
Total CPU:	0.00098308%	0.028634%
Kernel CPU:	0.00072407%	0.013761%
User CPU:	0.00025902%	0.014873%
Kernel CPU time:	149,090 ms/min	100,923,805ms/min
CPU cycles:	9,977,727/sec	17,470,203/sec
Memory
Private memory:	24.48 MB	21.59 MB
Private (maximum):	9.37 MB
Private (minimum):	3.11 MB
Non-paged memory:	24.48 MB	21.59 MB
Virtual memory:	136.43 MB	140.96 MB
Virtual memory (peak):	146.07 MB	169.69 MB
Working set:	8.33 MB	18.61 MB
Working set (peak):	21.27 MB	37.95 MB
Page faults:	186,065/min	2,039/min
I/O
I/O read transfer:	258.81 KB/sec	1.02 MB/min
I/O read operations:	89/sec	343/min
I/O write transfer:	454 Bytes/sec	274.99 KB/min
I/O write operations:	1/sec	227/min
I/O other transfer:	17.64 KB/sec	448.09 KB/min
I/O other operations:	355/sec	1,671/min
Resource allocations
Threads:	10	12
Handles:	290	600
GUI GDI count:	285	103
GUI GDI peak:	300	142
GUI USER count:	122	49
GUI USER peak:	125	71

Process properties

Tray notification:	Yes
Integrety level:	Medium
Platform:	32-bit
Command line:	"C:\Program Files\system explorer\systemexplorer.exe" /tray
Owner:	User
Parent process:	explorer.exe (Windows Explorer by Microsoft Corporation)

Threads